CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

91 matches found

Tenable Nessus•added 2023/09/19 12:0 a.m.•16 views

CentOS 8 : postgresql:15 (CESA-2023:5269)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:5269 advisory. - schemaelement defeats protective searchpath changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with...

7.2CVSS6.7AI score0.00276EPSS

Exploits0References3

OpenVAS•added 2023/08/18 12:0 a.m.•21 views

Ubuntu: Security Advisory (USN-6296-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.8AI score0.00665EPSS

Exploits0References2

OSV•added 2023/08/17 11:58 a.m.•5 views

SUSE-SU-2023:3344-2 Security update for postgresql15

This update for postgresql15 fixes the following issues: - Update to 13.12 - CVE-2023-39417: Fixed potential SQL injection for trusted extensions. bsc1214059...

8.8CVSS9.3AI score0.00665EPSS

Exploits0References3

Tenable Nessus•added 2023/08/17 12:0 a.m.•34 views

PostgreSQL 15.x < 15.4 Protection Mechanism Failure

The version of PostgreSQL installed on the remote host is 15 prior to 15.4. As such, it is potentially affected by a vulnerability : - PostgreSQL 15 introduced the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policie...

4.3CVSS6.5AI score0.00468EPSS

Exploits0References2

Tenable Nessus•added 2023/08/08 12:0 a.m.•26 views

Rocky Linux 9 : postgresql:15 (RLSA-2023:4327)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:4327 advisory. - schemaelement defeats protective searchpath changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with...

7.2CVSS6.7AI score0.00276EPSS

Exploits0References5

Tenable Nessus•added 2023/08/02 12:0 a.m.•24 views

AlmaLinux 9 : postgresql:15 (ALSA-2023:4327)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:4327 advisory. postgresql: schemaelement defeats protective searchpath changes CVE-2023-2454 postgresql: row security policies disregard user ID changes after inlining...

7.2CVSS6.5AI score0.00276EPSS

Exploits0References3

Tenable Nessus•added 2023/07/31 12:0 a.m.•21 views

RHEL 9 : postgresql:15 (RHSA-2023:4327)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4327 advisory. PostgreSQL is an advanced object-relational database management system DBMS. Security Fixes: postgresql: schemaelement defeats protective...

7.2CVSS6.6AI score0.00276EPSS

Exploits0References7

Tenable Nessus•added 2023/07/20 12:0 a.m.•49 views

Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2023-241)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-241 advisory. This enabled an attacker having database-level CREATE privilege to execute arbitrary code as the bootstrap superuser. Database owners have that right by default, and explicit grants may extend it to oth...

7.2CVSS7.6AI score0.00276EPSS

Exploits0References4

Ubuntu•added 2023/05/24 2:16 p.m.•72 views

USN-6104-1: PostgreSQL vulnerabilities

Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute arbitrary code as the bootstrap supervisor. CVE-2023-2454 Wolfgang Walther discovered that PostgreSQL incorrectly handled certain row security...

7.2CVSS6.9AI score0.00276EPSS

Exploits0